
More Security Headlines

A vulnerability that allows malicious applications to capture screen contents and record audio without a user’s knowledge impacts over 78% of Android devices, researchers claim.
WoSign subsidiary StartCom will shut down after major browser vendors banned its certificates.
1.8 billion Internet posts collected by a contractor for the Pentagon were exposed online due to failure to secure an Amazon cloud storage bucket.
A recently observed variant of the EMOTET banking Trojan features new routines that allow it to evade sandbox and malware analysis, Trend Micro security researchers reveal.
Quad9's free Domain Name System (DNS) service leverages IBM's threat intelligence and promises protection from Internet threats by blocking access to websites and IPs flagged as malicious at the DNS level.
GitHub warns developers if their project uses a library that is known to have security flaws.
Cyber insurance firm At-Bay has emerged from stealth with a new model of security cooperation between insured and insurer to reduce risk and exposure to both parties.
A series of ransomware attacks against small-to-medium companies is leveraging Remote Desktop Protocol (RDP) access to infect systems, Sophos reports.
Hundreds of Moxa devices similar to the ones targeted in the 2015 Ukraine power grid hack are vulnerable to remote attacks.
Chinese drone maker DJI and a researcher are in an online battle – which could also turn into a legal battle – over the company’s bug bounty program.

SecurityWeek Experts

Lance Cottrell's picture
Passive Information Leakage (PIL) is one of the least known and most difficult forms of data loss to prevent, and is little understood, primarily because it cannot be addressed through conventional security practices.
Ashley Arbuckle's picture
Here are five recommendations that can help you, as an IT security professional, proactively work in partnership with your OT counterparts to protect the business better.
Joshua Goldfarb's picture
Security teams have given up on building their workflow around a small number of “silver bullets” that claim to solve most of their problems.
Preston Hogue's picture
Working closely with business groups throughout the process of due diligence fulfills the CISO’s responsibilities and creates a more security-savvy business.
Dan Cornell's picture
As you start to get an idea of what your application portfolio looks like, you then need to start determining the specific risks that applications can expose your organization to.
Josh Lefkowitz's picture
It’s crucial to recognize that 2018 will very likely be yet another year of increasingly complex and damaging threats and incidents, which is why we must always build upon and further enhance our intelligence strategies.
Adam Meyer's picture
If your threat intelligence isn’t practical, it’s not really useful. Here are a few examples of practical questions you can ask your threat analyst team.
Travis Greene's picture
The cybersecurity community needs to identify where untapped resources exist in order to move beyond traditional industry practices and contend with this imbalance.
Alastair Paterson's picture
There are several mitigation measures and best practices that you can adopt to improve your organization’s security posture and reduce the risk of supply chain infections.
Jim Ivers's picture
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?